Share
## https://sploitus.com/exploit?id=D33B3970-3577-591E-A511-663051F282B8
### Parameters

- `-f`: File to scan (default: `urls.txt`)
- `-f`: File to scan (file path): Specify custom files to scan.
- `-t`: Thread count
- `--timeout`: Timeout value
- `-o`: Output file name
- `-q`: Quiet mode (only outputs vulnerability URLs)
- `-c`: Command to execute (default: `whoami`)
- `-c`: Command to execute (file path): Specify custom commands to execute.

| Parameter | Description | Default Value |
|----------|--------------|-------------|
| `-f, --file` | URL list file | urls.txt |
| `-u, --url` | Single target URL | - |
| `-t, --threads` | Concurrent threads | 20 |
| `--timeout` | Request timeout (seconds) | 10 |
| `-o, --output` | Output CSV file | results.csv |
| `-c, --command` | Command to execute | id |
| `-q, --quiet` | Quiet mode | false |

## URL File Format

One URL per line, for example:

```
http://192.168.1.10:3000
http://192.168.1.11:3000
```

## Output Example

```
    +---------------------------------------------------------------+
    |   ###   ## #######  ##  ## ########       ## #######          |
    |   ####  ## ##       ## ##     ##          ## ##               |
    |   ## ## ## #####     ###      ##          ## #######          |
    |   ##  #### ##       ## ##     ##      ##  ##       ##         |
    |   ##   ### ####### ##   ##    ##       ####  #######          |
    |                                                               |
    |   CVE-2025-55182 RCE Scanner                                  |
    +---------------------------------------------------------------+

============================================================
  [ CONFIGURATION ]
============================================================
  > Targets: 10
  > Threads: 20
  > Command: id

============================================================
  [ SCANNING ]
============================================================
  [14:30:25] [VULN] http://192.168.1.10:3000
             '--> uid=1000(www-data)
  [14:30:26] [SAFE] http://192.168.1.11:3000

+==========================================================+
|                     SCAN COMPLETE                        |
+==========================================================+
|  Total Targets :    10                                   |
|  Vulnerable    :     1                                   |
|  Safe          :     9                                   |
|  Errors        :     0                                   |
+==========================================================+
```

## Output File

The scan results are saved as a CSV file, containing the following fields:

- `url` - Target URL
- `status` - HTTP status code
- `vulnerable` - Whether a vulnerability exists
- `output` - Output from the command execution
- `error` - Error message

## Disclaimer

This tool is intended only for authorized security testing purposes. Do not use it for illegal purposes. The user must bear all related responsibilities.

[source-iocs-preserved url=http://192.168.1.100:3000,http://target.com ipv4=192.168.1.100]